|
41
|
9.6 |
CRITICAL
Network
|
mozilla
|
firefox
thunderbird
|
Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, and Thunderbird 140.10.1.
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-7321
|
2026-05-2 02:54 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
42
|
5.3 |
MEDIUM
Network
|
ibm
|
db2
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutr…
New
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2025-14688
|
2026-05-2 02:52 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
43
|
6.5 |
MEDIUM
Network
|
ibm
|
db2
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service using a specially cra…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2025-36122
|
2026-05-2 02:52 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
44
|
6.5 |
MEDIUM
Network
|
ibm
|
db2
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutr…
New
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-1577
|
2026-05-2 02:52 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
45
|
9.8 |
CRITICAL
Network
|
exim
|
exim
|
In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation…
New
|
CWE-684
CWE-787
Incorrect Provision of Specified Functionality
Out-of-bounds Write
|
CVE-2026-40685
|
2026-05-2 02:51 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
46
|
5.5 |
MEDIUM
Local
|
opencascade
|
open_cascade_technology
|
An out-of-bounds read vulnerability in VrmlData_IndexedLineSet::TShape in the VRML parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-42479
|
2026-05-2 02:48 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
47
|
6.5 |
MEDIUM
Adjacent
|
frrouting
|
frrouting
|
FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t accumulator variable truncates uint32_t …
New
|
CWE-125
CWE-190
Out-of-bounds Read
Integer Overflow or Wraparound
|
CVE-2026-28532
|
2026-05-2 02:48 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
48
|
7.5 |
HIGH
Network
|
opencascade
|
open_cascade_technology
|
An issue was discovered in VrmlData_IndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML file. …
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-42478
|
2026-05-2 02:48 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
49
|
7.1 |
HIGH
Local
|
opencascade
|
open_cascade_technology
|
A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in the OBJ file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows user-assisted attackers to cause a denial of service or …
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-42477
|
2026-05-2 02:48 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
50
|
7.1 |
HIGH
Local
|
opencascade
|
open_cascade_technology
|
Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 exist in RWStl_Reader::ReadAscii because buffers returned by Standard_ReadL…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-42476
|
2026-05-2 02:47 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
